[ https://issues.apache.org/jira/browse/HIVE-7193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Naveen Gangam updated HIVE-7193: -------------------------------- Attachment: LDAPAuthentication_Design_Doc_V2.docx Attached is an updated doc with the new design. The goal of the design is not only to make LDAP Authenticator more feature-rich, but to also make it generic enough to make it work with all LDAP implementations available while keeping the number of parameters to be configured to a small set. When needed, code made assumptions based on popular implementations but also provided a safety valve (customQuery) that will get around this assumption. Please provide feedback. Thanks > Hive should support additional LDAP authentication parameters > ------------------------------------------------------------- > > Key: HIVE-7193 > URL: https://issues.apache.org/jira/browse/HIVE-7193 > Project: Hive > Issue Type: Bug > Affects Versions: 0.10.0 > Reporter: Mala Chikka Kempanna > Assignee: Naveen Gangam > Attachments: HIVE-7193.patch, LDAPAuthentication_Design_Doc.docx, > LDAPAuthentication_Design_Doc_V2.docx > > > Currently hive has only following authenticator parameters for LDAP > authentication for hiveserver2. > <property> > <name>hive.server2.authentication</name> > <value>LDAP</value> > </property> > <property> > <name>hive.server2.authentication.ldap.url</name> > <value>ldap://our_ldap_address</value> > </property> > We need to include other LDAP properties as part of hive-LDAP authentication > like below > a group search base -> dc=domain,dc=com > a group search filter -> member={0} > a user search base -> dc=domain,dc=com > a user search filter -> sAMAAccountName={0} > a list of valid user groups -> group1,group2,group3 -- This message was sent by Atlassian JIRA (v6.3.4#6332)